Published: 07/12/2015 Updated: 06/06/2019

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 905

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 prior to 11.5.3 HF2 and 11.6.0 prior to 11.6.0 HF6, BIG-IP AAM 11.4.0 prior to 11.5.3 HF2 and 11.6.0 prior to 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 prior to 11.6.0 HF6, BIG-IP PSM 11.3.0 up to and including 11.4.1, Enterprise Manager 3.1.0 up to and including 3.1.1, BIG-IQ Cloud and Security 4.0.0 up to and including 4.5.0, BIG-IQ Device 4.2.0 up to and including 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with the "Resource Administrator" role to gain privileges via an iCall (1) script or (2) handler in a SOAP request to iControl/iControlPortal.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
f5 big-iq security 4.4.0
f5 big-iq security 4.5.0
f5 big-iq security 4.0.0
f5 big-iq security 4.1.0
f5 big-iq security 4.2.0
f5 big-iq security 4.3.0
f5 big-ip application acceleration manager 11.5.3
f5 big-ip application acceleration manager 11.6.0
f5 big-ip application acceleration manager 11.4.0
f5 big-ip application acceleration manager 11.4.1
f5 big-ip application acceleration manager 11.5.0
f5 big-ip application acceleration manager 11.5.1
f5 big-ip application acceleration manager 11.5.2
f5 big-ip wan optimization manager 11.3.0
f5 big-iq adc 4.5.0
f5 big-ip application security manager 11.4.1
f5 big-ip application security manager 11.5.0
f5 big-ip application security manager 11.5.1
f5 big-ip application security manager 11.5.2
f5 big-ip application security manager 11.5.3
f5 big-ip application security manager 11.6.0
f5 big-ip application security manager 11.3.0
f5 big-ip application security manager 11.4.0
f5 big-ip global traffic manager 11.4.0
f5 big-ip global traffic manager 11.4.1
f5 big-ip global traffic manager 11.5.0
f5 big-ip global traffic manager 11.5.1
f5 big-ip global traffic manager 11.5.2
f5 big-ip global traffic manager 11.5.3
f5 big-ip global traffic manager 11.3.0
f5 big-ip global traffic manager 11.6.0
f5 big-iq device 4.2.0
f5 big-iq device 4.3.0
f5 big-iq device 4.4.0
f5 big-iq device 4.5.0
f5 big-ip edge gateway 11.3.0
f5 big-ip local traffic manager 11.4.1
f5 big-ip local traffic manager 11.5.0
f5 big-ip local traffic manager 11.5.1
f5 big-ip local traffic manager 11.5.2
f5 big-ip local traffic manager 11.5.3
f5 big-ip local traffic manager 11.6.0
f5 big-ip local traffic manager 11.3.0
f5 big-ip local traffic manager 11.4.0
f5 big-ip access policy manager 11.4.0
f5 big-ip access policy manager 11.4.1
f5 big-ip access policy manager 11.5.0
f5 big-ip access policy manager 11.5.1
f5 big-ip access policy manager 11.5.2
f5 big-ip access policy manager 11.5.3
f5 big-ip access policy manager 11.3.0
f5 big-ip access policy manager 11.6.0
f5 big-ip policy enforcement manager 11.3.0
f5 big-ip policy enforcement manager 11.4.0
f5 big-ip policy enforcement manager 11.4.1
f5 big-ip policy enforcement manager 11.5.0
f5 big-ip policy enforcement manager 11.5.1
f5 big-ip policy enforcement manager 11.5.2
f5 big-ip policy enforcement manager 11.5.3
f5 big-ip policy enforcement manager 11.6.0
f5 big-iq cloud 4.0.0
f5 big-iq cloud 4.1.0
f5 big-iq cloud 4.2.0
f5 big-iq cloud 4.3.0
f5 big-iq cloud 4.4.0
f5 big-iq cloud 4.5.0
f5 big-ip analytics 11.4.0
f5 big-ip analytics 11.4.1
f5 big-ip analytics 11.5.0
f5 big-ip analytics 11.5.1
f5 big-ip analytics 11.5.2
f5 big-ip analytics 11.5.3
f5 big-ip analytics 11.3.0
f5 big-ip analytics 11.6.0
f5 big-ip protocol security module 11.4.0
f5 big-ip protocol security module 11.4.1
f5 big-ip protocol security module 11.3.0
f5 big-ip webaccelerator 11.3.0
f5 big-ip link controller 11.5.0
f5 big-ip link controller 11.5.1
f5 big-ip link controller 11.5.2
f5 big-ip link controller 11.5.3
f5 big-ip link controller 11.3.0
f5 big-ip link controller 11.6.0
f5 big-ip link controller 11.4.0
f5 big-ip link controller 11.4.1
f5 big-ip enterprise manager 3.1.1
f5 big-ip enterprise manager 3.0.0
f5 big-ip enterprise manager 3.1.0
f5 big-ip advanced firewall manager 11.6.0
f5 big-ip advanced firewall manager 11.3.0
f5 big-ip advanced firewall manager 11.4.0
f5 big-ip advanced firewall manager 11.4.1
f5 big-ip advanced firewall manager 11.5.0
f5 big-ip advanced firewall manager 11.5.1
f5 big-ip advanced firewall manager 11.5.2
f5 big-ip advanced firewall manager 11.5.3

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' require 'nokogiri' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper SOAPENV_ENCODINGSTYLE ...

CWE-264 https://support.f5.com/kb/en-us/solutions/public/16000/700/sol16728.html http://packetstormsecurity.com/files/134434/F5-iControl-iCall-Script-Root-Command-Execution.html http://www.rapid7.com/db/modules/exploit/linux/http/f5_icall_cmd https://gdssecurity.squarespace.com/labs/2015/9/8/f5-icallscript-privilege-escalation-cve-2015-3628.html https://www.exploit-db.com/exploits/38764/http://www.securitytracker.com/id/1034307 http://www.securitytracker.com/id/1034306 https://nvd.nist.gov https://www.exploit-db.com/exploits/38764/

Get Started

CVE-2015-3628

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect